Honeywell Cybersecurity Report: USB threat risk to industrials doubles over last 12 months
霍尼韋爾網絡安全報告：過去12個月USB對工業的威脅風險增加了一倍

In a report released by Honeywell based on cybersecurity threat data collected from hundreds of industrial facilities globally, the severity of threats detected to operational technology (OT) systems has risen by significant amounts over a 12-month period.

霍尼韋爾根據從全球數百個工業設施收集的網絡安全威脅數據發布的一份報告顯示，在12個月的時間里，對運營技術（OT）系統檢測到的威脅的嚴重性已大幅上升。

The findings from the latest Honeywell Industrial USB Threat Report show that the total amount of threats posed by USB removable media to industrial process control networks remains consistently high, with 45% of locations detecting at least one inbound threat. Over the same time period, the number of threats specifically targeting OT systems nearly doubled from 16 to 28%, while the number of threats capable of causing a loss of view or other major disruption to OT systems more than doubled, from 26 to 59%.
 
這份最新的《霍尼韋爾工業USB威脅報告》顯示，USB可移動媒介對工業過程控制網絡構成的威脅總數一直保持較高水平，其中45％的位置檢測到至少一個入站威脅。在同一時期，專門針對OT系統的威脅數量幾乎翻了一番，從16％增加至28％，而能夠對OT系統造成視覺喪失或其他重大破壞的威脅數量翻了一番以上，從26％增至59％ 。

The report shows that 1 in 5 of all threats was designed specifically to leverage USB removable media as an attack vector, and more than half the threats were designed to open backdoors, establish persistent remote access or download additional malicious payloads. These findings are indicative of more coordinated attacks, likely attempting to target air-gapped systems used in most industrial control environments and critical infrastructure.
 
該報告顯示，五分之一的威脅是專門設計為利用USB作為攻擊媒介，而超過一半的威脅則設計為打開后門、建立持久的遠程訪問或下載其他惡意負載。這些發現表明存在更多的協同攻擊，可能試圖針對大多數工業控制環境和關鍵基礎設施中使用的氣隙系統。
 
“USB-borne malware continues to be a major risk for industrial operators,” said Eric Knapp, director of Cybersecurity Research and engineering fellow, Honeywell Connected Enterprise, Cybersecurity. “What’s surprising is that we’re seeing a much higher density of significant threats that are more targeted and more dangerous. This isn’t a case of accidental exposure to viruses through USB – it’s a trend of using removable media as part of more deliberate and coordinated attacks.”

“USB傳播的惡意軟件仍然是工業運營商的主要風險，”霍尼韋爾網絡安全公司網絡安全研究部主任兼工程研究員Eric Knapp說道。“令人驚訝的是，我們看到的重大威脅密度更高，目標更明確，也更危險。這不是一個通過USB意外感染病毒的案例，而是一種趨勢，也就是使用可移動介質作為更加蓄意和協調攻擊的一部分。”

The Honeywell Industrial USB Threat Report examines data collected from Honeywell’s Secure Media Exchange (SMX) technology, which is designed to scan and control removable media, including USB drives. As the second most prevalent attack vector into industrial control and automation systems, USB devices play an important role in attacks that target OT systems. In recent years, such attacks have included Disttrack, Duqu, Ekans, Flame, Havex, Industroyer, USBCulprit and others.

《霍尼韋爾工業USB威脅報告》檢查了從霍尼韋爾安全媒體交換（SMX）技術收集的數據，該技術旨在掃描和控制包括USB驅動器在內的可移動媒體。作為工業控制和自動化系統中第二大最普遍的攻擊媒介，USB設備在針對OT系統的攻擊中扮演著重要角色。近年來，此類攻擊包括Disttrack、Duqu、Ekans、Flame、Havex、Industroyer、USBCulprit等。
 
To reduce the risk of USB-related threats, Honeywell recommends that organizations implement a blend of OT cybersecurity software products and services such as Honeywell’s Secure Media Exchange (SMX), the Honeywell Forge Cybersecurity Suite, people training and process changes.

為了降低USB相關威脅的風險，霍尼韋爾建議各組織結合OT網絡安全軟件產品和服務，例如霍尼韋爾的安全媒體交換（SMX）、霍尼韋爾Forge Cybersecurity網絡安全套件進行人員培訓和流程變更。
 
SMX provides operators with unprecedented control and visibility into the more secure use of USB technology with the latest in advanced threat detection capability for critical infrastructure and facilities. The Honeywell Forge Cybersecurity Suite can monitor for vulnerabilities such as open ports or the presence of USB security controls to strengthen endpoint and network security, and it helps ensure better cybersecurity compliance.

SMX為操作員提供了前所未有的控制和可視性，使他們能夠更安全地使用USB技術，并為關鍵基礎設施和設施提供最新的高級威脅檢測功能。霍尼韋爾Forge Cybersecurity網絡安全套件可以監視漏洞，例如開放端口或USB安全控制的存在，以增強端點和網絡安全性，并幫助確保更好的網絡安全合規性。